diff --git a/.389-ds-base.metadata b/.389-ds-base.metadata
index 1186c8b..6acf989 100644
--- a/.389-ds-base.metadata
+++ b/.389-ds-base.metadata
@@ -1,2 +1,2 @@
-3793bb1f6fd7bbc9843438375dfecaa52ed942dd SOURCES/389-ds-base-2.0.11.tar.bz2
+895e2c67a2b2fd8c97f4a56ae7849ffd46517432 SOURCES/389-ds-base-2.0.14.tar.bz2
 9e06b5cc57fd185379d007696da153893cf73e30 SOURCES/jemalloc-5.2.1.tar.bz2
diff --git a/.gitignore b/.gitignore
index d1e4f79..f772518 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/389-ds-base-2.0.11.tar.bz2
+SOURCES/389-ds-base-2.0.14.tar.bz2
 SOURCES/jemalloc-5.2.1.tar.bz2
diff --git a/SOURCES/0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch b/SOURCES/0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch
new file mode 100644
index 0000000..ecea5dc
--- /dev/null
+++ b/SOURCES/0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch
@@ -0,0 +1,31 @@
+From d41352806f44c47a9e99f9eb1b0bdfef7b0aa4f4 Mon Sep 17 00:00:00 2001
+From: Mark Reynolds
+Date: Tue, 25 Jan 2022 12:27:02 -0500
+Subject: [PATCH] Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the
+ virtual attribute context in persistent search
+
+Description: Fix double free. The double free is related to
+persistent search req. It was introduced with i
+https://pagure.io/389-ds-base/issue/49097
+
+Reviewed by: mreynolds, progier, jchapman
+---
+ ldap/servers/slapd/pblock.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
+index 94e7c0ab7..56bbfc92e 100644
+--- a/ldap/servers/slapd/pblock.c
++++ b/ldap/servers/slapd/pblock.c
+@@ -330,6 +330,8 @@ slapi_pblock_clone(Slapi_PBlock *pb)
+ if (pb->pb_intplugin != NULL) {
+ _pblock_assert_pb_intplugin(new_pb);
+ *(new_pb->pb_intplugin) = *(pb->pb_intplugin);
++ /* Make sure that only the cloned pblock refers to vattr_context */
++ pb->pb_intplugin->pb_vattr_context = NULL;
+ }
+ if (pb->pb_deprecated != NULL) {
+ _pblock_assert_pb_deprecated(new_pb);
+-- 
+2.31.1
+
diff --git a/SPECS/389-ds-base.spec b/SPECS/389-ds-base.spec
index 2d24f84..773ac12 100644
--- a/SPECS/389-ds-base.spec
+++ b/SPECS/389-ds-base.spec
@@ -46,9 +46,9 @@ ExcludeArch: i686
 Summary: 389 Directory Server (base)
 Name: 389-ds-base
-Version: 2.0.11
+Version: 2.0.14
 Release: 1%{?dist}
-License: GPLv3+ and ASL 2.0 and MPLv2.0 and Boost
+License: GPLv3+ and ASL 2.0
 URL: https://www.port389.org
 Conflicts: selinux-policy-base < 3.9.8
 Conflicts: freeipa-server < 4.0.3
@@ -59,7 +59,7 @@ Provides: ldif2ldbm >= 0
 ##### Bundled cargo crates list - START #####
 Provides: bundled(crate(ahash)) = 0.7.6
-Provides: bundled(crate(ansi_term)) = 0.11.0
+Provides: bundled(crate(ansi_term)) = 0.12.1
 Provides: bundled(crate(atty)) = 0.2.14
 Provides: bundled(crate(autocfg)) = 1.0.1
 Provides: bundled(crate(base64)) = 0.13.0
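Review bot: The added line `pb->pb_intplugin->pb_vattr_context = NULL;` makes slapi_pblock_clone an ownership transfer: after the struct copy two lines above, only new_pb still points at the vattr context, so the original pblock can no longer free it a second time, but any code that reads the source pblock's context after cloning now gets NULL instead of the shared pointer. That is the right shape for a double-free fix, yet the patch states the new contract nowhere; the function's header comment (outside this hunk) should say so, e.g. `/* Cloning moves ownership of pb_intplugin->pb_vattr_context to the clone; the source pblock's pointer is cleared and must not be relied on afterwards. */`. Whether every caller on the persistent-search path tolerates a NULL context in the source pblock is not visible here and is worth confirming, since the commit message points at an earlier change rather than at a regression test. slapi_pblock_clone begins and ends outside the hunk.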
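Review bot: The `License:` tag drops `MPLv2.0 and Boost` in the same hunk that bumps `Version:` to 2.0.14, but nothing visible justifies it: the bundled crate list in the following hunks only bumps crate versions, and the %changelog entries added in the last hunk mention the version bump and bug fixes only. A license-tag change needs its own changelog line naming the component whose removal made MPLv2.0 and Boost stop applying, or the tag should stay as it was until that is established. Presumably the 2.0.14 tarball dropped a bundled component; if so, say which one.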
@@ -68,81 +68,82 @@ Provides: bundled(crate(byteorder)) = 1.4.3
 Provides: bundled(crate(cbindgen)) = 0.9.1
 Provides: bundled(crate(cc)) = 1.0.72
 Provides: bundled(crate(cfg-if)) = 1.0.0
-Provides: bundled(crate(clap)) = 2.33.3
-Provides: bundled(crate(concread)) = 0.2.19
+Provides: bundled(crate(clap)) = 2.34.0
+Provides: bundled(crate(concread)) = 0.2.21
 Provides: bundled(crate(crossbeam)) = 0.8.1
-Provides: bundled(crate(crossbeam-channel)) = 0.5.1
+Provides: bundled(crate(crossbeam-channel)) = 0.5.2
 Provides: bundled(crate(crossbeam-deque)) = 0.8.1
-Provides: bundled(crate(crossbeam-epoch)) = 0.9.5
-Provides: bundled(crate(crossbeam-queue)) = 0.3.2
-Provides: bundled(crate(crossbeam-utils)) = 0.8.5
+Provides: bundled(crate(crossbeam-epoch)) = 0.9.6
+Provides: bundled(crate(crossbeam-queue)) = 0.3.3
+Provides: bundled(crate(crossbeam-utils)) = 0.8.6
 Provides: bundled(crate(entryuuid)) = 0.1.0
 Provides: bundled(crate(entryuuid_syntax)) = 0.1.0
+Provides: bundled(crate(fastrand)) = 1.7.0
 Provides: bundled(crate(fernet)) = 0.1.4
 Provides: bundled(crate(foreign-types)) = 0.3.2
 Provides: bundled(crate(foreign-types-shared)) = 0.1.1
-Provides: bundled(crate(getrandom)) = 0.2.3
+Provides: bundled(crate(getrandom)) = 0.2.4
 Provides: bundled(crate(hashbrown)) = 0.11.2
 Provides: bundled(crate(hermit-abi)) = 0.1.19
 Provides: bundled(crate(instant)) = 0.1.12
-Provides: bundled(crate(itoa)) = 0.4.8
+Provides: bundled(crate(itoa)) = 1.0.1
 Provides: bundled(crate(jobserver)) = 0.1.24
 Provides: bundled(crate(lazy_static)) = 1.4.0
-Provides: bundled(crate(libc)) = 0.2.107
+Provides: bundled(crate(libc)) = 0.2.113
 Provides: bundled(crate(librnsslapd)) = 0.1.0
 Provides: bundled(crate(librslapd)) = 0.1.0
 Provides: bundled(crate(lock_api)) = 0.4.5
 Provides: bundled(crate(log)) = 0.4.14
-Provides: bundled(crate(lru)) = 0.6.6
-Provides: bundled(crate(memoffset)) = 0.6.4
-Provides: bundled(crate(once_cell)) = 1.8.0
+Provides: bundled(crate(lru)) = 0.7.2
+Provides: bundled(crate(memoffset)) = 0.6.5
+Provides: bundled(crate(once_cell)) = 1.9.0
 Provides: bundled(crate(openssl)) = 0.10.38
-Provides: bundled(crate(openssl-sys)) = 0.9.71
+Provides: bundled(crate(openssl-sys)) = 0.9.72
 Provides: bundled(crate(parking_lot)) = 0.11.2
 Provides: bundled(crate(parking_lot_core)) = 0.8.5
 Provides: bundled(crate(paste)) = 0.1.18
 Provides: bundled(crate(paste-impl)) = 0.1.18
-Provides: bundled(crate(pin-project-lite)) = 0.2.7
-Provides: bundled(crate(pkg-config)) = 0.3.22
-Provides: bundled(crate(ppv-lite86)) = 0.2.15
+Provides: bundled(crate(pin-project-lite)) = 0.2.8
+Provides: bundled(crate(pkg-config)) = 0.3.24
+Provides: bundled(crate(ppv-lite86)) = 0.2.16
 Provides: bundled(crate(proc-macro-hack)) = 0.5.19
-Provides: bundled(crate(proc-macro2)) = 1.0.32
+Provides: bundled(crate(proc-macro2)) = 1.0.36
 Provides: bundled(crate(pwdchan)) = 0.1.0
-Provides: bundled(crate(quote)) = 1.0.10
+Provides: bundled(crate(quote)) = 1.0.15
 Provides: bundled(crate(rand)) = 0.8.4
 Provides: bundled(crate(rand_chacha)) = 0.3.1
 Provides: bundled(crate(rand_core)) = 0.6.3
 Provides: bundled(crate(rand_hc)) = 0.3.1
 Provides: bundled(crate(redox_syscall)) = 0.2.10
 Provides: bundled(crate(remove_dir_all)) = 0.5.3
-Provides: bundled(crate(ryu)) = 1.0.5
+Provides: bundled(crate(ryu)) = 1.0.9
 Provides: bundled(crate(scopeguard)) = 1.1.0
-Provides: bundled(crate(serde)) = 1.0.130
-Provides: bundled(crate(serde_derive)) = 1.0.130
-Provides: bundled(crate(serde_json)) = 1.0.71
+Provides: bundled(crate(serde)) = 1.0.135
+Provides: bundled(crate(serde_derive)) = 1.0.135
+Provides: bundled(crate(serde_json)) = 1.0.78
 Provides: bundled(crate(slapd)) = 0.1.0
 Provides: bundled(crate(slapi_r_plugin)) = 0.1.0
-Provides: bundled(crate(smallvec)) = 1.7.0
+Provides: bundled(crate(smallvec)) = 1.8.0
 Provides: bundled(crate(strsim)) = 0.8.0
-Provides: bundled(crate(syn)) = 1.0.81
+Provides: bundled(crate(syn)) = 1.0.86
 Provides: bundled(crate(synstructure)) = 0.12.6
-Provides: bundled(crate(tempfile)) = 3.2.0
+Provides: bundled(crate(tempfile)) = 3.3.0
 Provides: bundled(crate(textwrap)) = 0.11.0
-Provides: bundled(crate(tokio)) = 1.14.0
-Provides: bundled(crate(tokio-macros)) = 1.6.0
+Provides: bundled(crate(tokio)) = 1.15.0
+Provides: bundled(crate(tokio-macros)) = 1.7.0
 Provides: bundled(crate(toml)) = 0.5.8
 Provides: bundled(crate(unicode-width)) = 0.1.9
 Provides: bundled(crate(unicode-xid)) = 0.2.2
 Provides: bundled(crate(uuid)) = 0.8.2
 Provides: bundled(crate(vcpkg)) = 0.2.15
 Provides: bundled(crate(vec_map)) = 0.8.2
-Provides: bundled(crate(version_check)) = 0.9.3
+Provides: bundled(crate(version_check)) = 0.9.4
 Provides: bundled(crate(wasi)) = 0.10.2+wasi_snapshot_preview1
 Provides: bundled(crate(winapi)) = 0.3.9
 Provides: bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
 Provides: bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
-Provides: bundled(crate(zeroize)) = 1.4.3
-Provides: bundled(crate(zeroize_derive)) = 1.2.2
+Provides: bundled(crate(zeroize)) = 1.5.0
+Provides: bundled(crate(zeroize_derive)) = 1.3.1
 ##### Bundled cargo crates list - END #####
 BuildRequires: nspr-devel
@@ -261,6 +262,7 @@ Source2: %{name}-devel.README
 %if %{bundle_jemalloc}
 Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
 %endif
+Patch01: 0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch
 %description
 389 Directory Server is an LDAPv3 compliant server. The base package includes
@@ -630,6 +632,7 @@ exit 0
 %{_sbindir}/openldap_to_ds
 %{_mandir}/man8/openldap_to_ds.8.gz
 %{_libexecdir}/%{pkgname}/ds_systemd_ask_password_acl
+%{_libexecdir}/%{pkgname}/ds_selinux_restorecon.sh
 %{_mandir}/man5/99user.ldif.5.gz
 %{_mandir}/man5/certmap.conf.5.gz
 %{_mandir}/man5/slapd-collations.conf.5.gz
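Review bot: `Patch01:` declares the CVE-2021-4091 patch, but a Patch tag on its own applies nothing; whether %prep uses `%autosetup -p1` (or an explicit `%patch -P 1 -p1`) is outside this diff, so confirm the patch actually reaches the build, otherwise the package would advertise the fix without carrying it. The %changelog hunk at the end of the diff never mentions Bug 2027783 or CVE-2021-4091 either, so add `- Resolves: Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the virtual attribute context in persistent search` under the 2.0.14-1 entry so the fix is discoverable from package metadata. The %files hunk just below adds `ds_selinux_restorecon.sh` under libexec; presumably the 2.0.14 tarball ships it, and a changelog line for a new installed script is likewise missing.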
@@ -709,6 +712,19 @@ exit 0
 %endif
 %changelog
+* Fri Jan 28 2022 Mark Reynolds - 2.0.14-1
+- Bump version to 2.0.14-1
+- Resolves: Bug 2034880 - ipa-restore command is failing when restore after uninstalling the server (part2)
+
+* Tue Jan 25 2022 Mark Reynolds - 2.0.13-1
+- Bump version to 2.0.13-1
+- Resolves: Bug 2034880 - ipa-restore command is failing when restore after uninstalling the server
+- Resolves: Bug 2045098 - Demoting a supplier to a consumer crashes the server
+
+* Wed Nov 24 2021 Simon Pichugin - 2.0.11-2
+- Bump version to 2.0.11-2
+- Revert commit "Set db home directory by default"
+
 * Thu Nov 18 2021 Mark Reynolds - 2.0.11-1
 - Bump version to 2.0.11-1
 - Resolves: Bug 2024693 - Rebase RHEL 9.0 with 389-ds-base